<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>login_process</title>
</head>

	<?php

	include("Connection.php");

	$username = $_POST['username'];
	$password = $_POST['password'];
	$query = "  SELECT Username
				FROM user
				WHERE Username='$username' AND Password='$password';";
	$result = mysql_query($query);
	
	$row = mysql_fetch_assoc($result);

	if(mysql_num_rows($result)){//username and password combination exists
	
		$v = mysql_fetch_assoc($result);
		$val = $v['Username'];
		//check if the user is an employee or member
		$check = "SELECT Username 
				  FROM GTCREmployee
				  WHERE Username='$val'";
		
		$userType = mysql($check);
		
		//user is a member
		if(!mysql_num_rows($userType))
			header("Location: https://academic-php.cc.gatech.edu/groups/cs4400_Group_7/Homepage.php");
			
		//user is an employee
		else
			header("Location: https://academic-php.cc.gatech.edu/groups/cs4400_Group_7/HomepageEmployee.php");
	}

	else{//incorrect username or password
		header("Location: https://academic-php.cc.gatech.edu/groups/cs4400_Group_7/index.php");
	}

	mysql_close($link);
?>

<body>
</body>
</html>